Senior Security Engineer
I joined Fly.io in the early days of the security practice, and led a number of initiatives to implement core capabilities across areas of corporate, infrastructure, product and application security. Some of these include:-- Implementation of a SIEM, including developing integrations with services, as well as detection engineering and designing alert triage strategies.-- Implementation of an osquery-based endpoint monitoring system, with a focus on posture management, vulnerability management and detecting indicators of compromise.-- Application and product security, code and architecture review, CI/CD security, application and network penetration testing.-- Implementation of eBPF-powered security observability on infrastructure hosts, including those responsible for hosting untrusted workloads. This focused on providing low-level visibility to our infrastructure to identify common TTPs used for initial access and lateral movement.-- Undertook in-depth research around the security of GPU virtualisation, specifically to gain visibility of malicious activity at the hypervisor level.-- Engineering of custom integration between endpoint management, SIEM, and users, to allow users to take responsibility for security events that may affect them, with full oversight from the security team.This was alongside the work general security staffing in a relatively small organisation, which included authoring security-related documentation and policy, education, threat hunting and intelligence and responding to incidents.